In this paper presented at USENIX FOCI 2015 we use reverse engineering to provide a view into how keyword censorship operates on four popular social video platforms in China: YY, 9158, Sina Show, and GuaGua. We also find keyword surveillance capabilities on YY. Our findings show inconsistencies in the implementation of censorship and the keyword lists used to trigger censorship events between the platforms we analyzed. We reveal a range of targeted content including criticism of the government and collective action. These results provide evidence that there is no monolithic set of rules that govern how information controls are implemented in China.
At the 2015 USENIX Free and Open Communications on the Internet (FOCI) workshop, held in Washington DC on August 10, Citizen Lab and collaborators present three papers.
The papers include: investigation of censorship and surveillance on China’s most popular social video platforms, an updated analysis of China’s Great Canon, and examination of securing cookie-based identifiers from passive surveillance.
UC Browser is the most popular mobile web browser in China and India, boasting over 500 million users. This report provides a detailed analysis of how UC Browser manages and transmits user data, particularly private data, during its operation. Our research was prompted by revelations in a document leaked by Edward Snowden on which the Canadian Broadcasting Corporation (CBC) was preparing a story.
Hundreds of members of the Tibetan community are being targeted by email-based malware attacks that leverage the March 10 Tibetan Uprising anniversary as a theme. This report analyzes two March 10 related attacks. One using a new malware family we call MsAttacker , and another using the ShadowNet malware family and command and control infrastructure related to previous campaigns that targeted the Tibetan community.
A new report, entitled “Communities @ Risk: Targeted Digital Threats Against Civil Society,” involved 10 civil society groups that enrolled as study subjects over a period of four years. The study sought to obtain greater visibility into an often overlooked digital risk environment affecting–whether they know it or not–many of society’s most essential institutions.
This report is part of a series which analyzes regionally-based keyword censorship in LINE, a mobile messaging application developed by LINE Corporation. The most recent update to the censorship keyword list include a number of new entries as well as the introduction of regular expressions for more advanced keyword matching.
In this post we report updates on how LINE, KakaoTalk, OneDrive and Flickr are being disrupted in China. We find that Flickr and OneDrive remain consistently blocked, but LINE and KakaoTalk show inconsistent fluctuation between accessibility and inaccessibility. We also analyze security and privacy of FireChat and test accessibility of the service in China.
In this post we examine how the Great Firewall of China is implementing DNS tampering and HTTP request filtering on KakaoTalk and LINE domains, which is disrupting service of the applications as a result. We find that Flickr and OneDrive are also blocked through DNS tampering. We also analyze recent changes to the LINE keyword filtering list.